Wednesday, December 30, 2009

Setup Subversion Server on Ubuntu 9.04

Step 1: Installing the Subversion package

#apt-get install subversion

Step 2: Configure Subversion Directory

#mkdir -p /home/svn/repository

Step 3 Configure Subversion group

#groupadd svn

#chgrp svn /home/svn/repository

#chmod g+rw /home/svn/repository

(you need to make sure that all new files and directories created in the repos directory (in other words, anything committed to the repositories) will also be owned by the group)

#chmod g+s /home/svn/repository

#usermod -a -G svn user1 (Assign users to svn group)

#usermod -a -G svn user2 (Assign users to svn group)

Step 4: Creating a New repository

#svnadmin create /home/svn/repository/test

Step 5: Checkout Repository

#svn checkout file:///home/svn/repository/test

Output: Checked out revision 0

Step 6: Add new files to Empty repository

#cd test

# echo 'Hello, World!' > hello.txt

#svn add hello.txt

Output : A         hello.txt

Step 7 : Commit files

#svn commit -m "Added a 'hello world' text file."

Output :

Adding         hello.txt

Transmitting file data .

Committed revision 1.

Accessing SVN repository

Step 1:  Configure Users for Access SVN repository.

#vi /home/svn/repository/conf/authz

(Add below entry)

[/]

User1 = rw

[/test]

User1 = rw

User2 = rw

(save file)

#vi /home/svn/repository/conf/passwd

(Add below entry)

User1=password1

User2=password2

(save file)

Step 2: Configure files for authentication

# rm -rf /home/svn/repository/test/conf/authz

# rm -rf /home/svn/repository/test/conf/passwd

#vi /home/svn/repository/conf/svnserve.conf

[general]

anon-access = none

password-db = /home/svn/repository/conf/passwd

realm = Team

Step 3: Start repository

#svnserve -d --foreground -r /home/svn/repository

Step 4 : Test the Repository

#svn checkout svn://ipaddress/test --username user1

Step 5: Initialize the Script at Startup


#wget http://odyniec.net/articles/ubuntu-subversion-server/svnserve

#mv svnserve /etc/init.d/

# chmod +x /etc/init.d/svnserve

#update-rc.d svnserve defaults

Friday, October 23, 2009

Call to undefined function: mysql_connect()

Solutions:

Solution 1)   Remove php5-mysql with “apt-get remove php5-mysql”  and install it again or

Solution 2)   Check your php.ini file to ensure it’s including the mysql.so library (extension=mysql.so)  or

Solution 3)   Type “dpkg-reconfigure php5-mysql” (For ubuntu and debian users)

Tuesday, September 29, 2009

Solaris and Linux Runlevel

Default Linux Run Level: Total 7 Run Level

RunLevel 0: Halt System - To shutdown the system
RunLevel 1: Single user mode
RunLevel 2: Basic multi user mode without NFS
RunLevel 3: Full multi user mode (text based)
RunLevel 4: unused
RunLevel 5: Multi user mode with Graphical User Interface
RunLevel 6: Reboot System

Default Solaris Run Level: Total 8 Run Level

RunLevel S: Single user state (useful for recovery)

RunLevel 0: Access Sun Firmware (ok> prompt)

RunLevel 1: System administrator mode

RunLevel 2: Multi-user w/o NFS

RunLevel 3: Multi-user with NFS

RunLevel 4: Unused

RunLevel 5: Completely shutdown the host (like performing a power-off)

RunLevel 6: Reboot but depend upon initdefault entry in /etc/inittab

Update system

update

Configure Services in CentOs5/RHEL5

1) List All services

listservices

2)  List Running services at Runlevel 3

listservices34

3) Start service

startservices

4)      Stop service

stopservice

5)   Start service on different RunLevel

stopservice

6)  Restart services

restartservice

7)  Add services

addservice

8 ) Remove Services

deleteservice

Monday, September 28, 2009

CentOS5/RHEL5 User Administration

1) Add User

Useradd

2)      Delete user

Userdel

3)      Modify user

Usermod

4) Add Group

gpasswd



5) Delete group

groupdel

6) Modify group

groupmod

7) Add User to Group

Use the useradd command to add new users to an existing group (or create a new group and then add the user). If the group does not exist, create it.

Syntax:

useradd -G {group-name1},{group-name2} username (for secondary group)

useradd -g {group-name} username (for primary group)




Tuesday, September 15, 2009

Automated Installation of DenyHost on RedHat/Fedora

#Script
#!/bin/bash

# This script installs Deny Host on RedHat(RHEL) or Fedora.

################################################################################

# This script comes with no warranty or guarantee. Please review the script

# before you run it to ensure that it will not cause adverse effects on your

# system.

#

# If you have any questions or comments, please e-mail: sanjaydalal4u@gmail.com

################################################################################

sudo echo

if [ -f /etc/init.d/denyhosts ]; then

echo Removing existing init scripts

sudo /etc/init.d/denyhosts stop

sudo rm -rf /etc/init.d/denyhosts

sudo chkconfig --remove denyhosts

echo '*********************'

echo

fi

if [ -d /usr/share/denyhosts/ ]; then

echo Removing existing installation

sudo rm -rf /usr/share/denyhosts

echo '*********************'

echo

fi

echo Installing 'python' and dependencies.

sudo yum -y install python

echo '*********************'

echo

cd /root

echo Downloading DenyHost

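# -O keeps the query string out of the saved file name so the tar step below finds the archive
wget -O DenyHosts-2.6.tar.gz 'http://downloads.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz?use_mirror=biznetnetworks'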

echo '*********************'

echo

echo Unpacking DenyHost


tar -xzf DenyHosts-2.6.tar.gz



cd /root/DenyHosts-2.6

echo '*********************'

echo


echo Installing DenyHost

sudo python setup.py install

echo '*********************'

echo


cd /usr/share/denyhosts


echo Configuring DenyHost

sudo cp denyhosts.cfg-dist denyhosts.cfg

sudo sed -i.bak 's/^\s*\(SECURE_LOG\s*=.*\)$/#\1/' denyhosts.cfg

sudo sed -i.bak 's/^\s*#\s*SECURE_LOG\s*=\s*\/var\/log\/secure/SECURE_LOG = \/var\/log\/secure/' denyhosts.cfg

sudo sed -i.bak 's/^\s*\(LOCK_FILE\s*=.*\)$/#\1/' denyhosts.cfg

sudo sed -i.bak 's/^\s*#\s*LOCK_FILE\s*=\s*\/var\/run\/denyhosts.pid/LOCK_FILE = \/var\/run\/denyhosts.pid/' denyhosts.cfg

sudo sed -i.bak 's/^\s*\(BLOCK_SERVICE\s*=.*\)$/#\1/' denyhosts.cfg

sudo sed -i.bak 's/^\s*#\s*BLOCK_SERVICE\s*=\s*ALL/BLOCK_SERVICE  = ALL/' denyhosts.cfg

echo '*********************'

echo


echo Configuring executable

sudo cp daemon-control-dist daemon-control

sudo sed -i.bak 's/^\(\s*DENYHOSTS_BIN\s*=\s\).*$/\1"\/usr\/bin\/denyhosts.py"/' daemon-control

sudo sed -i.bak 's/^\(\s*DENYHOSTS_LOCK\s*=\s\).*$/\1"\/var\/run\/denyhosts.pid"/' daemon-control

sudo sed -i.bak 's/^\(\s*DENYHOSTS_CFG\s*=\s\).*$/\1"\/usr\/share\/denyhosts\/denyhosts.cfg"/' daemon-control

sudo chown root daemon-control

sudo chmod 700 daemon-control

echo '*********************'

echo


echo Adding denyhosts to rc scripts

cd /etc/init.d

sudo ln -s /usr/share/denyhosts/daemon-control denyhosts

sudo chkconfig --add denyhosts

sudo chkconfig --level 35 denyhosts on

echo '*********************'

echo


Friday, July 31, 2009

How to Open 7zip Files Under Ubuntu

Step 1 : Install application

#sudo apt-get install p7zip

Step 2 : Execute this command

#p7zip -d filename.7z

Sunday, July 26, 2009

Setup SAMBA server on Ubuntu

Step 1: Installation

#apt-get install samba

Step 2: Configuration

Configuration file : /etc/samba/smb.conf
  • Edit below section

Workgroup = EXAMPLE

…………

Security = user
  • Create a new section at the bottom of the file /etc/samba/smb.conf

[Samba Share]

Comment= Samba  File Server Share

Path=/path to directory

Browsable = yes

Guest ok = yes

Read only = no

Create mask = 0755

Step 3: Create directory and change permissions

#mkdir /path to directory

#chown  -R nobody:nogroup /path to directory

Step 4 : Restart Samba service

#/etc/init.d/samba restart

Enjoy!!!!!!!!!!!!

Thursday, July 9, 2009

Open ports using IPTABLES

If you want your machine to respond to requests initiated from elsewhere on the internet you need to open the required ports. You need to know below details first:



1. Service name you want to open up
2. Is it a tcp or udp service?
3. Port number(s) used by the service?

Example:


To enable ssh access to your box from two networks in the Class A 10.0.0.0 range, you could use something like



iptables -A allowed -p tcp --dport 22 -s 10.2.0.0/16 -j ACCEPT
iptables -A allowed -p udp --dport 22 -s 10.2.0.0/16 -j ACCEPT


iptables -A allowed -p tcp --dport 22 -s 10.8.0.0/16 -j ACCEPT
iptables -A allowed -p udp --dport 22 -s 10.8.0.0/16 -j ACCEPT

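This allows both udp and tcp traffic from either of the two class A networks to access port 22 on your machine. The rules are appended to a user-defined chain named allowed, so that chain must already exist and be reached from the INPUT chain; SSH itself uses only TCP.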

Work with tcpwrappers hosts.deny and hosts.allow

You can use tcpwrappers to block a user, IP address or daemon from outside or inside your network. To allow access use the hosts.allow file, and to block access use the hosts.deny file.


Step 1. Use your favorite editor like vi.



Step 2. Type vi /etc/hosts.deny
Step 3. At the bottom line just type “ALL:ALL:deny” to restrict all daemon processes
Step 4. Save it.
Step 5. Open “/etc/hosts.allow” with vi editor
Step 6. At the bottom line type “ALL :(some ip that you allow):allow” to allow anything from my IP address
Step 7. Save it.

Thursday, July 2, 2009

Working with tar and tar Encryption

STEP 1 :  (Using the tar command on the directory /example)

Suppose you have a directory /example. To tar everything in example and create a “.tar” file:

# tar -cvf example.tar example

It will create example.tar file.

STEP 2 :  (Using the tar command to create a “.tar.gz” of /example)

# tar -czf example.tar.gz example

STEP 3 :  (List the files in the archive)

# tar -tzf example.tar.gz
or
# tar -tf example.tar

STEP 4 :   (ENCRYPTION)

# tar -zcvf - example | openssl des3 -salt -k secretpassword | dd of=example.des3

This will create example.des3. Please don’t forget the password you put in place of secretpassword.

To decrypt and unpack the archive again:

# dd if=example.des3 |openssl des3 -d -k secretpassword|tar zxf -
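
The same tar-and-encrypt pipeline with the passphrase read from a file instead of passed with -k, where it is visible in the process list and in shell history. This is an added example, not part of the original post: it swaps des3 for AES-256-CBC with PBKDF2 key derivation, assumes OpenSSL 1.1.1 or later, and the function and file names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function and file names are
# assumptions. Requires OpenSSL 1.1.1 or later for -pbkdf2.

# encrypt_dir SRC_DIR OUT_FILE PASS_FILE
# Tars and gzips SRC_DIR, then encrypts the stream with AES-256-CBC.
# The passphrase is read from PASS_FILE, so it never appears on the
# command line the way `-k secretpassword` does.
encrypt_dir() {
    src=$1; out=$2; passfile=$3
    tar -czf - -C "$(dirname "$src")" "$(basename "$src")" |
        openssl enc -aes-256-cbc -salt -pbkdf2 \
            -pass "file:$passfile" -out "$out"
}

# decrypt_dir ENC_FILE DEST_DIR PASS_FILE
# Decrypts ENC_FILE and unpacks it below DEST_DIR. A wrong passphrase
# yields data that is not a gzip stream, so tar exits non-zero.
# CBC gives confidentiality only; it does not authenticate the archive.
decrypt_dir() {
    encfile=$1; dest=$2; passfile=$3
    mkdir -p "$dest" &&
    openssl enc -d -aes-256-cbc -pbkdf2 \
        -pass "file:$passfile" -in "$encfile" |
        tar -xzf - -C "$dest"
}

# roundtrip_demo
# Builds a constructed sample directory, encrypts it, restores it and
# compares the result. Runs in a subshell so umask and trap stay local.
roundtrip_demo() (
    work=$(mktemp -d) || exit 1
    trap 'rm -rf "$work"' EXIT
    umask 077                                   # passphrase file readable by owner only
    mkdir "$work/example" &&
    echo 'Hello, World!' > "$work/example/hello.txt" &&
    openssl rand -base64 32 > "$work/pass" &&   # random passphrase, constructed for the demo
    encrypt_dir "$work/example" "$work/example.tar.gz.enc" "$work/pass" &&
    decrypt_dir "$work/example.tar.gz.enc" "$work/restore" "$work/pass" &&
    cmp -s "$work/example/hello.txt" "$work/restore/example/hello.txt"
)

roundtrip_demo && echo "round trip OK"
```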

Wednesday, July 1, 2009

Multiple IP address on Single NIC (Redhat/Fedora)

We can set up two IP addresses on a single NIC.

The steps below are for Redhat/Fedora/CentOS systems.

STEP 1 : (Initial/First IP address)

#cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
BOOTPROTO=static
BROADCAST=10.8.0.255
IPADDR=10.8.0.10
NETMASK=255.255.255.0
NETWORK=10.8.0.0
ONBOOT=yes

STEP 2 : (Second IP address)
#cat /etc/sysconfig/network-scripts/ifcfg-eth0:1

DEVICE=eth0:1
BOOTPROTO=static
BROADCAST=10.8.0.255
IPADDR=10.8.0.11
NETMASK=255.255.255.0
NETWORK=10.8.0.0
ONBOOT=yes

View Routing Table and Change your default Gateway

The netstat -nr command will provide the contents of the routing table.

# netstat -nr



Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

10.8.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0

169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0

0.0.0.0         10.8.0.1        0.0.0.0         UG        0 0          0 eth0



Change Your Default Gateway

You will need to update your /etc/sysconfig/network file to reflect the change. This file is used to configure your default gateway

NETWORKING=yes
HOSTNAME=newhost
GATEWAY=10.8.0.2

Use of Netstat Commands

Netstat (network statistics) is a command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. Netstat is a useful tool for checking your network configuration and activity.

Check tcp connection established on your machine using below command

1: netstat --tcp

% netstat --tcp --numeric
Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State

tcp        0      0 nexubuntu:ldap          nexubuntu:38885         ESTABLISHED

tcp        0      0 nexubuntu:38885         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:ssh           10.8.0.151:50776        ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:59000         ESTABLISHED

tcp        0      0 nexubuntu:38875         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:ldap          nexubuntu:52342         ESTABLISHED

tcp        0      0 nexubuntu:ssh           10.8.0.151:50775        ESTABLISHED

tcp      244      0 nexubuntu:59004         nexubuntu:microsoft-ds  ESTABLISHED

tcp      244      0 nexubuntu:59000         nexubuntu:microsoft-ds  ESTABLISHED

tcp        0      0 nexubuntu:ldap          nexubuntu:38875         ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:59004         ESTABLISHED

tcp        0      0 nexubuntu:52343         nexubuntu:ldap          TIME_WAIT

tcp        0      0 nexubuntu:52342         nexubuntu:ldap          ESTABLISHED

tcp        0      0 nexubuntu:microsoft-ds  nexubuntu:58998         ESTABLISHED

tcp      244      0 nexubuntu:58998         nexubuntu:microsoft-ds  ESTABLISHED

If you want to see what (TCP) ports your machine is listening on, use netstat --tcp --listening. Another useful flag to add to this is --programs which indicates which process is listening on the specified port.

2: netstat --tcp --listening --programs

# sudo netstat --tcp --listening --programs
Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

tcp        0      0 *:nfs                   *:*                     LISTEN      -

tcp        0      0 *:ldap                  *:*                     LISTEN      2715/slapd

tcp        0      0 *:ftp                   *:*                     LISTEN      3302/vsftpd

tcp        0      0 *:ssh                   *:*                     LISTEN      4022/sshd

tcp        0      0 nexubuntu:postgresql    *:*                     LISTEN      2680/postgres

tcp        0      0 *:smtp                  *:*                     LISTEN      3259/master

tcp        0      0 *:58777                 *:*                     LISTEN      2098/rpc.statd

tcp        0      0 *:microsoft-ds          *:*                     LISTEN      3283/smbd

tcp6       0      0 [::]:ldap               [::]:*                  LISTEN      2715/slapd

tcp6       0      0 [::]:www                [::]:*                  LISTEN      3750/apache2
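
One way to turn the listing above into a quick exposure check, as an added example that is not part of the original post: the function below prints every TCP listener bound to all interfaces and leaves out services bound to a single address. The function names are assumptions, and the sample input is constructed from the output shown above.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are assumptions.

# wildcard_listeners
# Reads `netstat --tcp --listening --programs` output on stdin and prints
# one "proto<TAB>port<TAB>program" line for each socket that listens on
# every interface (*, 0.0.0.0, [::] or ::). Sockets bound to one address
# are skipped. A "-" in the PID column is reported as "unknown".
wildcard_listeners() {
    awk '
        $1 ~ /^tcp6?$/ && $6 == "LISTEN" {
            addr = $4
            port = addr
            sub(/^.*:/, "", port)                 # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (host == "*" || host == "0.0.0.0" || host == "[::]" || host == "::") {
                prog = $7
                if (prog == "-" || prog == "")
                    prog = "unknown"
                else
                    sub(/^[0-9]+\//, "", prog)    # drop the leading PID
                print $1 "\t" port "\t" prog
            }
        }'
}

# sample_netstat_output
# Sample input constructed from the listing in this post.
sample_netstat_output() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:nfs                   *:*                     LISTEN      -
tcp        0      0 *:ldap                  *:*                     LISTEN      2715/slapd
tcp        0      0 *:ftp                   *:*                     LISTEN      3302/vsftpd
tcp        0      0 *:ssh                   *:*                     LISTEN      4022/sshd
tcp        0      0 nexubuntu:postgresql    *:*                     LISTEN      2680/postgres
tcp        0      0 *:smtp                  *:*                     LISTEN      3259/master
tcp        0      0 *:58777                 *:*                     LISTEN      2098/rpc.statd
tcp        0      0 *:microsoft-ds          *:*                     LISTEN      3283/smbd
tcp6       0      0 [::]:ldap               [::]:*                  LISTEN      2715/slapd
tcp6       0      0 [::]:www                [::]:*                  LISTEN      3750/apache2
EOF
}

# On a live host: sudo netstat --tcp --listening --programs | wildcard_listeners
sample_netstat_output | wildcard_listeners
```

Each line of the result is a service reachable on every address the host has, so it is the list to compare against the firewall rules and against what the machine is meant to offer.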

Use netstat --route to display the routing table.

3: netstat --route

% netstat --route
Kernel IP routing table

Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface

10.8.0.0        *               255.255.255.0   U         0 0          0 eth0

link-local      *               255.255.0.0     U         0 0          0 eth0

default         mygateway1.ar7  0.0.0.0         UG        0 0          0 eth0

Use the --statistics flag to display networking statistics.

Using this flag by itself displays all IP, TCP, UDP, and ICMP connection statistics.

4: netstat --statistics --route

Network configuration for Debian

IP from DHCP

#/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

For a static IP

#/etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 10.8.0.100
netmask 255.255.255.0
gateway 10.8.0.1
broadcast 10.8.0.255

How to add multiple IP addresses manually

# ifconfig


will output all the configured addresses


eth0: inet addr:10.8.0.10 Bcast:10.8.0.255 Mask:255.255.255.0


To add on extra IP addresses execute below command:


# ifconfig eth0:1 10.8.0.12 netmask 255.255.255.0


For additional IP addresses, make sure you increment the 1 in eth0:1


Third ip address would be like this


# ifconfig eth0:2 10.8.0.13 netmask 255.255.255.0

How to add multiple IP addresses manually?

Assigning a virtual IP to a NIC

Assigning a virtual IP to a NIC is a very easy task, whether you use the system-config-network tool or just do some text file editing. The ifconfig command can also be used to create a virtual network interface, but this would not be permanent since the changes ifconfig makes do not survive a reboot.

In Fedora, all information about the network interfaces is kept in the following directories:

  • /etc/sysconfig/network-scripts/

  • /etc/sysconfig/networking/


My NIC configuration script, /etc/sysconfig/network-scripts/ifcfg-eth0, looks like this:

DEVICE=eth0

BOOTPROTO=static

BROADCAST=192.168.0.255

HWADDR=00:00:00:00:00:00

IPADDR=192.168.0.1

NETMASK=255.255.255.0

NETWORK=192.168.0.0

ONBOOT=yes

TYPE=Ethernet

GATEWAY=192.168.0.254

Make a copy of this in the same directory naming the new file ifcfg-eth0:1

# cp ifcfg-eth0 ifcfg-eth0\:1

The modified lines in ifcfg-eth0\:1 are DEVICE and IPADDR:

DEVICE=eth0:1

BOOTPROTO=static

BROADCAST=192.168.0.255

HWADDR=00:00:00:00:00:00

IPADDR=192.168.0.101

NETMASK=255.255.255.0

NETWORK=192.168.0.0

ONBOOT=yes

TYPE=Ethernet

GATEWAY=192.168.0.254

So, its IP address will be 192.168.0.101. Save the file and copy it to /etc/sysconfig/networking/devices/:

# cp ifcfg-eth0\:1 /etc/sysconfig/networking/devices/

Also, copy it to your default network profile or whichever profile you use:

# cp ifcfg-eth0\:1 /etc/sysconfig/networking/profiles/default/

Now, bring up the new interface using the ifup script:

# ifup eth0\:1

Running ifconfig, the new interface should be listed. You can also check it by pinging:

# ping 192.168.0.101

Commands related to Process Control

Here "PID" refers to the process ID, which you can get from the command "ps -aux".



#fg PID
It brings a background or stopped process to the foreground.


#bg PID
It sends the process to the background.


#any command &
Run any command in the background (the symbol "&" means "run the preceding command in the background").


#batch any command
Run any command when the system load is low. I can logout and the process will keep running.


#at 18:00
Execute a command at a specified time. You will be prompted for the command(s) to run, until you press Ctrl-d.


#kill PID
To shutdown process by force. First determine the PID of the process to kill using ps.


#killall program name
Kill program(s) by name.


#nice program_name
Run program name adjusting its priority. The priority value may be in the range -20 to 19. Only root may specify negative values. Use "top" to display the priorities of the running processes.


#renice -1 PID
(as root) Change the priority of a running process to -1. Normal users can only adjust processes they own, and only up from the current value (make them run slower).

Useful commands for Ubuntu

Privileges Commands

sudo command – run command as root
sudo su – open a root shell
sudo su user – open a shell as user
sudo -k – forget your sudo password
gksudo command – sudo visual dialog (GNOME)
kdesudo command – sudo visual dialog (KDE)
sudo visudo – edit /etc/sudoers
gksudo nautilus – root file manager (GNOME)
kdesudo konqueror – root file manager (KDE)
passwd – change your password

Network Commands


ifconfig – display network information
iwconfig – display wireless information
sudo iwlist scan – scan wireless networks
sudo /etc/init.d/networking restart – restart networking
(file) /etc/network/interfaces – manual configuration
ifup interface – bring interface online
ifdown interface – disable interface

Display Commands

sudo /etc/init.d/gdm restart – reset X (Gnome)
sudo /etc/init.d/kdm restart – reset X (KDE)
(file) /etc/X11/xorg.conf – show Configuration
sudo dpkg-reconfigure -phigh xserver-xorg – reset X configuration
Ctrl+Alt+Bksp – X display reset if frozen
Ctrl+Alt+FN – switch to tty N
Ctrl+Alt+F7 – switch back to X display

Service System Commands.

start service – start a service (Upstart)
stop service – stop a service (Upstart)
status service – check if a service is running (Upstart)
/etc/init.d/service start – start service (SysV)
/etc/init.d/service stop – stop service (SysV)
/etc/init.d/service status – check service (SysV)
/etc/init.d/service restart – reset service (SysV)
runlevel – get current runlevel

Firewall related commands

ufw enable – turn on the firewall
ufw disable – turn off the firewall
ufw default allow – allow all connections by default
ufw default deny – drop all connections by default
ufw status – current rules and
ufw allow port – allow traffic on port
ufw deny port – block port
ufw deny from ip – block ip

System Commands.


lsb_release -a – get the version of Ubuntu
uname -r – get kernel version
uname -a – get all kernel information

Commands for Package Manager.


apt-get update – refresh updates available
apt-get upgrade – update all packages
apt-get dist-upgrade – version update
apt-get install pkg – installing pkg
apt-get remove pkg – uninstall pkg
apt-get autoremove – remove obsolete packages
apt-get -f install – try to fix packages
dpkg --configure -a – try to fix a broken package
dpkg -i pkg.deb – install file pkg.deb
(file) /etc/apt/sources.list – list of APT repositories

Commands Special Packages.

ubuntu-desktop – standard Ubuntu environment
kubuntu-desktop – KDE Desktop
xubuntu-desktop – XFCE desktop
ubuntu-minimal – core Ubuntu utilities
ubuntu-standard – the standard Ubuntu utilities
ubuntu-restricted-extras – not free, but useful
kubuntu-restricted-extras – ditto KDE
xubuntu-restricted-extras – ditto XFCE
build-essential – packages used to compile
linux-image-generic – latest generic kernel image
linux-headers-generic – latest kernel headers

Applications commands.

nautilus – File Manager (GNOME)
dolphin – File Manager (KDE)
konqueror – Web browser (KDE)
kate – text editor (KDE)
gedit – text editor (GNOME)

Useful 100+ Linux commands

1. Schedule a queue to run at 9am on March 1st. Note: Ctrl-d to save and exit.

# at 9am March 1

2. Schedule a queue to run after 5 minutes.

# at now +5 minutes

3. Check any jobs pending to run, same as at -l .

# atq

4. Empty out a file.

# cat /dev/null > /path/to/file

5. Change directory, see also pushd and popd.

# cd

6. List run level information for the service type.

# chkconfig --list

7. Change owner recursively.

# chown -R : /path/to/directory

8. Change shell.

# chsh

9. Scan recursively for viruses.

# clamscan -r

10. Compare two files.

# cmp file1 file2

11. Copy keeping the directory structure.

# cp --parent /source/path /destination/path

12. Copy keeping the permissions of the user.

# cp -p

13. Copy recursive.

# cp -r

14. Copy without shell aliasing.

# \cp

15. List crontab for user.

# crontab -u -l

16. Check current date and time.

# date

17. Set current date and time, may need to set the hardware clock to the system time too, `man hwclock`.

# date -s 'Wed May 28 11:35:00 EST 2003'

18. Show disk free in human readable format.

# df -h

19. Configure interface using DHCP protocol.

# dhclient eth0

20. Find context differences between two files.

# diff -c

21. Creating a patch file.

# diff -Naur oldDir/oldFile newDir/newFile > new_patchFile

22. Kernel buffer

# dmesg

23. Show disk used in human readable format.

# du -h /path/to/directory

24. Find files larger than 10MB.

# find /path/to/file -size +10000k

25. Find file permissions with setuids.

find / \( -perm -4000 -o -perm -2000 \) -exec ls -ldb {} \;>> /tmp/suids

26. Search for world writable files and directories.

# find / -perm -002

27. Display information on free and used memory.

# free

28. Grep on word boundaries.

grep -w

29. Count the number of matches - similar to “wc -l”.

# grep -c

30. Perform timings of device reads for benchmark and comparison purposes.

# hdparm -t /dev/hda1

31. Set the hardware clock to the current system time.

# hwclock --systohc

32. check the ip address

# ifconfig

33. Add an  ip address to eth0.

# ifconfig eth0:x xxx.xxx.xxx.xxx

34. Install loadable kernel module. You can also use `modprobe` to do the same.

# insmod

35. Displays information about your system’s CPU and I/O.

# iostat [ interval [ count ] ]

36. List iptables firewall rules in numeric format.

# iptables -L -n

37. HangUP process so it will re-read the config file.

# killall -HUP

38. Install the boot loader and increase verbosity.

# lilo -v -v

39. Query the boot map.

# lilo -q

40. One time boot to the named kernel.

# lilo -R

41. Create symbolic link to the target file or directory.

# ln -s

42. Configure dynamic linker run-time bindings

# ldconfig

43. List the IPs bound via Ensim

# listaliases

44. Quickly search for indexed files. Run `updatedb` to update the indexed database.

# locate

45. List files.

# ls

46. List loaded kernel modules

# lsmod

47. Create the access.db file database map for sendmail.

# makemap hash /etc/mail/access.db < /etc/mail/access

48. Create/Make a new directory.

# mkdir

49. Generate a random 128 character length password.

# mkpasswd -l 128

50. Read in the contents of your mbox (or the specified file).

# mail -f /var/mail/nameOfFile

51. Print the mail queue

# mailq

52.

# mailstat /path/to/procmail/log

53. Description of the hierarchy directory structure of the system

# man hier

54. Check the MD5 message digest.

# md5sum

55. Mount points check.

# mount

56. Provide information about your systems’ processor.

# mpstat [ interval [ count ] ]

57.

# ncftpget -R -u  -p
hostname /local_dir /remote_dir

58.

# netstat -a | grep -i listen

59. Will show you who is attached to what port.

# netstat -anpe

60.

# netstat -n

61. See which programs are listening on which port

# netstat -lnp

62. Will show you what local TCP ports are open and what programs are running on them.

# netstat -lntpe

63. Will show you what local UDP ports are open and what programs are running on them.

# netstat -lnupe

64. Run a program with modified scheduling priority. (# range between -20 to +20, negative is higher priority)

# nice -n # [command to nice]

65. Scan network

# nmap -v hostname/ip

66. Patch and keep a backup

# patch -p# -b < patch_file

67.

# ps -ecaux

68. Turn off all quotas for users and groups, verbose mode

# quotaoff -augv

69. Check quota for all users and groups interactively, do quotaoff first.

# quotacheck -augmiv

70. Turn on all quotas for users and groups

# quotaon -augv

71. Add host ip to route on a particular device.

# route add -host xxx.xxx.xxx.xxx dev eth0:x

72.

# rdate

73. Remove file

# rm

74. Remove kernel module

# rmmod

75. Display the routing table in numeric.

# route -n

76.

# rpm

77. Uninstall/erase package.

# rpm -e

78. Erase without dependency check.

# rpm -e --nodeps

79. List out installed rpms by date, latest on top.

# rpm -qa --last | less

80. Rebuild rpm database.

# rpm --rebuilddb

81. Find which package owns the file.

# rpm -qf /path/to/file
# rpm -q --whatprovides /path/to/file

82. Verify package.

# rpm -V

or

# rpm -Vf /path/to/file

83. Locate documentation for the package that owns the file.

# rpm -qdf /path/to/file

84. Query information on package.

# rpm -qip

85. Query files installed by package.

# rpm -qlp

86. Gives list of files that will be installed/overwritten.

# rpm -ql

87. Will show the scripts that will be executed.

# rpm -q --scripts

88. Display system activity information

# sar

89. Print a 0 padded sequence of numbers.

# seq -w 1 10

90. Record everything printed on your terminal screen.

# script -a

Ctrl+D to exit out. `more ` to view.

91. Check the status of a service.

# service status

92. Restart after shutdown and force fsck (fsck may take a while).

# shutdown -rF now

93. Split a file into pieces with numeric suffixes, so it can be burnt to cds.

# split -d -b 640k big_input_filename.gz piece_file_prefix.gz.

To piece it back you can `cat piece_file_prefix.gz.* > original.gz`

94. Determine if a network service binary is linked against tcp wrapper, libwrap.a

# strings -f | grep hosts_access

96. how to use tar

# tar -cvzf fileName.tar.gz `find /file/path -mtime -1 ! -type d -print`

97.

# tar -xvzpf fileName.tar.gz /path/to/file.txt

98. How to use tcpdump

# tcpdump -i eth0 dst port 80 | more

99. System process status

# top

100. View the full command line.

# top -c

101. Create empty file of 0 byte

# touch

102. Similar to `which` - shows full path to the command.

# type

103. Check the limit of user

# ulimit -a

104. Check the version of kernel running

# uname -a

105. Update package profile with rhn

# up2date -p

106. Install package via up2date.

# up2date -i

107.

# uptime

108.

# usermod

109. Utility reports virtual memory statistics

# vmstat [second interval] [no. of count]

110. Show who is logged on and what they are doing.

# w

111. Periodically watch output of a command in full screen

# watch ''

112. Run and generate the apache reports using webalizer

# webalizer -c /path/to/webalizer.conf

113. Recursive download of a url, converting links, no parent.

# wget -r -k -np

114. Mirror, convert links, backup original, dynamic to html and output a “logFile”.

# wget -m -k -K -E -o [logFile]

115. Locate the binary, source, and manual page files for a command.

# whereis

116. Shows the full path of command.

# which

117. Show who is logged on.

# who

118. Yum package updates

# yum check-update           -- check to see what updates are needed
# yum info     -- show basic information about a package
# yum update   -- update particular package

119. Control jobs:

# Ctrl-z   -- suspend foreground job
# jobs     -- list jobs
# bg       -- send job to background
# fg       -- bring job to foreground

Check your Disk Performance

Using some simple command you can check the performance of hard disk

#hdparm -tT /dev/sda

Output:


/dev/sda:

Timing cached reads:   6054 MB in  2.00 seconds = 3028.86 MB/sec

Timing buffered disk reads:   42 MB in  3.09 seconds =  13.60 MB/sec


Monday, June 22, 2009

Setup OpenLDAP Server+OpenLDAP Client+Samba+auto mount in Ubuntu 9.04

Installation Setup Scenario.

I have set up one machine as an OpenLDAP server and one machine as an OpenLDAP client.

The OpenLDAP server and the Samba server run on the same machine.

Machine 1 : Openldap server + Samba Server

Hostname : openldap.server

IP : 10.8.0.12

Machine 2 : Openldap Client

Hostname : openldap.client

IP : 10.8.0.15

Configure OpenLDAP server




Step 1 :  Installation of required packages

First, install the OpenLDAP server daemon slapd and ldap-utils, a package containing LDAP management utilities:

#apt-get install slapd ldap-utils

Step 2 : Configure slapd

# dpkg-reconfigure slapd

It will prompt you for server questions.

1.  No

2. DNS domain name: openldap.server

3.Name of your organization: openldap.server

4.Admin password: 12345

5.Confirm password: 12345

6.OK

7.HDB

8. No

9. Yes

10.No

Step 3 : Test Configuration.

Use ldapsearch to view the tree, entering the admin password set during installation or reconfiguration:

# ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb

Enter LDAP Password:

dn: olcDatabase={1}hdb,cn=config

objectClass: olcDatabaseConfig

objectClass: olcHdbConfig

olcDatabase: {1}hdb

olcDbDirectory: /var/lib/ldap

olcSuffix: dc=openldap,dc=server

olcAccess: {0}to attrs=userPassword,shadowLastChange by dn="cn=admin,dc=exampl

e,dc=server" write by anonymous auth by self write by * none

olcAccess: {1}to dn.base="" by * read

olcAccess: {2}to * by dn="cn=admin,dc=openldap,dc=server" write by * read

olcLastMod: TRUE

olcDbCheckpoint: 512 30

olcDbConfig: {0}set_cachesize 0 2097152 0

olcDbConfig: {1}set_lk_max_objects 1500

olcDbConfig: {2}set_lk_max_locks 1500

olcDbConfig: {3}set_lk_max_lockers 1500

olcDbIndex: objectClass eq

Step 4 : Add new schema using ldif file.

  • First, create a conversion schema_convert.conf file containing the following lines:


#vi schema_convert.conf

include /etc/ldap/schema/core.schema

include /etc/ldap/schema/collective.schema

include /etc/ldap/schema/corba.schema

include /etc/ldap/schema/cosine.schema

include /etc/ldap/schema/duaconf.schema

include /etc/ldap/schema/dyngroup.schema

include /etc/ldap/schema/inetorgperson.schema

include /etc/ldap/schema/java.schema

include /etc/ldap/schema/misc.schema

include /etc/ldap/schema/nis.schema

include /etc/ldap/schema/openldap.schema

include /etc/ldap/schema/ppolicy.schema

  • Next, create a temporary directory to hold the output


#mkdir /tmp/ldif_output

  • Now using slaptest convert the schema files to LDIF


# slaptest -f schema_convert.conf -F /tmp/ldif_output

  • Edit the /tmp/ldif_output/cn=config/cn=schema/cn={8}misc.ldif file, changing the following attributes


#vi /tmp/ldif_output/cn=config/cn=schema/cn={8}misc.ldif

dn: cn=misc,cn=schema,cn=config

...

cn: misc

And remove the following lines from the bottom of the file

structuralObjectClass: olcSchemaConfig

entryUUID: 10dae0ea-0760-102d-80d3-f9366b7f7757

creatorsName: cn=config

createTimestamp: 20080826021140Z

entryCSN: 20080826021140.791425Z#000000#000#000000

modifiersName: cn=config

modifyTimestamp: 20080826021140Z

  • Finally, using the ldapadd utility, add the new schema to the directory


# ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{8\}misc.ldif

Step : 5 Create Test account

#vi test_account.ldif

dn: ou=people,dc=openldap,dc=server

objectClass: organizationalUnit

ou: people

dn: ou=groups,dc=openldap,dc=server

objectClass: organizationalUnit

ou: groups

dn: uid=test,ou=people,dc=openldap,dc=server

objectClass: inetOrgPerson

objectClass: posixAccount

objectClass: shadowAccount

uid: test

sn:

givenName: Test

cn: Test

displayName: Test

uidNumber: 1000

gidNumber: 10000

userPassword: password

gecos: Test

loginShell: /bin/bash

homeDirectory: /home/test

shadowExpire: -1

shadowFlag: 0

shadowWarning: 7

shadowMin: 8

shadowMax: 999999

shadowLastChange: 10877

mail: test@openldap.server

postalCode: 31000

l: Toulouse

o: Openldap

mobile: +33 (0)6 xx xx xx xx

homePhone: +33 (0)5 xx xx xx xx

title: System Administrator

postalAddress:

initials: JD

dn: cn=openldap,ou=groups,dc=openldap,dc=server

objectClass: posixGroup

cn: openldap

gidNumber: 10000

Save the file.

#ldapadd -x -D cn=admin,dc=openldap,dc=server -W -f test_account.ldif

We can check that the content has been correctly added with the tools from the ldap-utils package. In order to execute a search of the LDAP directory:

#ldapsearch -xLLL -b "dc=openldap,dc=server" uid=test sn givenName cn

dn: uid=test,ou=people,dc=openldap,dc=server

cn: test

sn:

givenName: test

Configure OpenLDAP Client


Step 1 : Install Required packages

#apt-get install libnss-ldap smbfs

During the install a menu dialog will ask you connection details about your LDAP server.

Should debconf manage LDAP configuration?: Yes

LDAP server Uniform Resource Identifier: ldap://10.8.0.12

Distinguished name of the search base: dc=openldap,dc=server

LDAP version to use: 3

Make local root Database admin: Yes

Does the LDAP database require login? No

LDAP account for root: cn=admin,dc=openldap,dc=server

LDAP root account password: 12345



Step 2 : Backup useful files

# cp /etc/nsswitch.conf /etc/nsswitch.conf.org

# mkdir /root/pam.d_backup

# cp /etc/pam.d/* /root/pam.d_backup/

Step 3 : Enable the auth-client-config LDAP profile

#auth-client-config -t nss -p lac_ldap

  • -t: only modifies /etc/nsswitch.conf.

  • -p: name of the profile to enable, disable, etc.

  • lac_ldap: the auth-client-config profile that is part of the ldap-auth-config package.


Step 4 : Configure the system to use LDAP for authentication

#pam-auth-update

Step 5 : Reboot the system

#reboot

Step 6 : Test OpenLDAP connection

#getent passwd

The above command shows the passwd entries, including those that come from the OpenLDAP server. If you see the account “test” which we created on the OpenLDAP server, then authentication with the OpenLDAP server is working fine. Try to ssh to the client machine as the test user.

Configure SAMBA server


Step 1 : Install required packages.

#apt-get install samba samba-doc smbldap-tools

Step 2 : OpenLDAP Configuration

Schema file needs to be unzipped and copied to /etc/ldap/schema.

# cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz /etc/ldap/schema/

#gzip -d /etc/ldap/schema/samba.schema.gz





Step 3 : Add a new schema to slapd

  • First, create a configuration file named schema_convert.conf


#vi schema_convert.conf

include /etc/ldap/schema/core.schema

include /etc/ldap/schema/collective.schema

include /etc/ldap/schema/corba.schema

include /etc/ldap/schema/cosine.schema

include /etc/ldap/schema/duaconf.schema

include /etc/ldap/schema/dyngroup.schema

include /etc/ldap/schema/inetorgperson.schema

include /etc/ldap/schema/java.schema

include /etc/ldap/schema/misc.schema

include /etc/ldap/schema/nis.schema

include /etc/ldap/schema/openldap.schema

include /etc/ldap/schema/ppolicy.schema

include /etc/ldap/schema/samba.schema

  • Create a temporary directory to hold the output


# mkdir /tmp/ldif_output

  • Use slaptest to convert the schema files:


# slaptest -f schema_convert.conf -F /tmp/ldif_output

  • Edit the generated /tmp/ldif_output/cn=config/cn=schema/cn={12}samba.ldif file, changing the following attributes:


dn: cn=samba,cn=schema,cn=config

...

cn: samba

And remove the following lines from the bottom of the file:

structuralObjectClass: olcSchemaConfig

entryUUID: b53b75ca-083f-102d-9fff-2f64fd123c95

creatorsName: cn=config

createTimestamp: 20080827045234Z

entryCSN: 20080827045234.341425Z#000000#000#000000

modifiersName: cn=config

modifyTimestamp: 20080827045234Z

  • Finally, using the ldapadd utility, add the new schema to the directory


#ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{12\}samba.ldif

  • Copy and paste the following into a file named samba_indexes.ldif


dn: olcDatabase={1}hdb,cn=config

changetype: modify

add: olcDbIndex

olcDbIndex: uidNumber eq

olcDbIndex: gidNumber eq

olcDbIndex: loginShell eq

olcDbIndex: uid eq,pres,sub

olcDbIndex: memberUid eq,pres,sub

olcDbIndex: uniqueMember eq,pres

olcDbIndex: sambaSID eq

olcDbIndex: sambaPrimaryGroupSID eq

olcDbIndex: sambaGroupType eq

olcDbIndex: sambaSIDList eq

olcDbIndex: sambaDomainName eq

olcDbIndex: default sub

  • Using the ldapmodify utility load the new indexes:


# ldapmodify -x -D cn=admin,cn=config -W -f samba_indexes.ldif

If all went well you should see the new indexes using ldapsearch:

#ldapsearch -xLLL -D cn=admin,cn=config -x -b cn=config -W olcDatabase={1}hdb

Step 4 : Configure smbldap-tools

# cd /usr/share/doc/smbldap-tools/examples/

# cp smbldap_bind.conf /etc/smbldap-tools/

#cp smbldap.conf.gz /etc/smbldap-tools/

#gzip -d /etc/smbldap-tools/smbldap.conf.gz

# net getlocalsid  (it prints the local SID, which you have to put in the smbldap.conf file)

#vi /etc/smbldap-tools/smbldap.conf

You need to edit the specific lines according to your individual setup

SID="S-1-5-21-1169339956-3040674750-1689399154"

sambaDomain="OPENLDAP"

slaveLDAP="10.8.0.12"

slavePort="389"

masterLDAP="10.8.0.12"

masterPort="389"

ldapTLS="0"

verify="require"

cafile=""

clientcert=""

clientkey=""

suffix="dc=openldap,dc=server"

usersdn="ou=Users,${suffix}"

computersdn="ou=Computers,${suffix}"

groupsdn="ou=Groups,${suffix}"

idmapdn="ou=Idmap,${suffix}"

sambaUnixIdPooldn="sambaDomainName=OPENLDAP,${suffix}"

scope="sub"

hash_encrypt="SSHA"

crypt_salt_format="%s"

userLoginShell="/bin/bash"

userHome="/home/%U"

userHomeDirectoryMode="700"

userGecos="System User"

defaultUserGid="513"

defaultComputerGid="515"

skeletonDir="/etc/skel"

defaultMaxPasswordAge="45"

userSmbHome=""

userProfile=""

userHomeDrive=""

userScript=""

mailDomain="nextek.in"

with_smbpasswd="0"

smbpasswd="/usr/bin/smbpasswd"

with_slappasswd="0"

slappasswd="/usr/sbin/slappasswd"

Open the file /etc/smbldap-tools/smbldap_bind.conf for editing

#vi /etc/smbldap-tools/smbldap_bind.conf

Edit the file so the following is correct according to your setup

slaveDN="cn=admin,dc=openldap,dc=server"

slavePw="12345"

masterDN="cn=admin,dc=openldap,dc=server"

masterPw="12345"

Change the permissions of the smbldap-tools files using the commands below. smbldap_bind.conf holds the LDAP admin password, so only its owner may read it.

#chmod 0644 /etc/smbldap-tools/smbldap.conf

#chmod 0600 /etc/smbldap-tools/smbldap_bind.conf

Step 5 : Populate LDAP using smbldap-tools

# smbldap-populate

It will prompt for a password to assign to the user root.

Verify that you have several new entries in your LDAP directory by running the command

# ldapsearch -x -b dc=openldap,dc=server | less

Step 6 : Configure samba server

#cp /etc/samba/smb.conf /etc/samba/smb.conf.org

#vi /etc/samba/smb.conf

Edit the main Samba configuration file /etc/samba/smb.conf: comment out the passdb backend option and add the following (nothing else in smb.conf needs to change, just put the content below in the file)

#   passdb backend = tdbsam

# LDAP Settings

passdb backend = ldapsam:ldap://openldap.server

ldap suffix = dc=openldap,dc=server

ldap user suffix = ou=People

ldap group suffix = ou=Groups

ldap machine suffix = ou=Computers

ldap idmap suffix = ou=Idmap

ldap admin dn = cn=admin,dc=openldap,dc=server

ldap ssl = no

ldap passwd sync = yes

add machine script = sudo /usr/sbin/smbldap-useradd -t 0 -w "%u"

#put this content at end of file

[share]

path = /tmp

guest ok = yes

browseable = Yes

writable = yes

Step 7 : Restart samba to enable the new settings

# /etc/init.d/samba restart

Samba needs to know the LDAP admin password

# smbpasswd -w secret

Step 8 :  useradd using smbldap-useradd

# smbldap-useradd -a -m -M test1 -c "test1" test1

-a allows Windows as well as Linux login

-m makes a home directory, leave this off if you do not need local access. PAM will be configured to automatically create a home directory.

-M sets up the username part of their email address

-c specifies their full name

#smbldap-passwd test1

Automount using pam_mount


Step 1 : Install required packages.

#apt-get install libpam-ldap

The above command automatically adds the modules to /etc/pam.d/common-*, so there is no need to configure any files.

# cp pam_mount.conf.xml pam_mount.conf.xml.org

# vi pam_mount.conf.xml

<!-- Volume definitions -->

<volume  user="test1"  fstype="smbfs" noroot="1" server="10.8.0.12"  path="share" mountpoint="/home/%(USER)" />

<!-- Volume definitions -->

#reboot

Now log in as the test1 user and check the /home/test1 directory. It will show the /tmp directory data from 10.8.0.12 (the OpenLDAP server). So we can mount a remote share at login using the pam_mount module.

Friday, May 15, 2009

Caching LDAP Server

A caching server is required so that a client can still log in to the local machine when the LDAP server is down. If the LDAP server is down, even a valid user is not able to log in to the local machine.

To prevent this situation we need to implement cached credentials on the client side.

 

Step 1 : Install required packages

# apt-get install nss-updatedb libnss-db libpam-ccreds

 

Step 2 : Configure OpenLDAP authentication profile

# vim /etc/auth-client-config/profile.d/open_ldap

[open_ldap]

nss_passwd=passwd: compat ldap [NOTFOUND=return] db

nss_group=group: compat ldap [NOTFOUND=return] db

nss_shadow=shadow: compat ldap

nss_netgroup=netgroup: nis

 

pam_auth=auth      optional     pam_group.so

        auth       required     pam_env.so

        auth       [success=done default=ignore]   pam_unix.so nullok_secure try_first_pass

        # If LDAP is unavailable, go to next line.  If authentication via LDAP is successful, skip 1 line.

        # If LDAP is available, but authentication is NOT successful, skip 2 lines.

        auth       [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass

        auth       [default=done]  pam_ccreds.so action=validate use_first_pass

        auth       [default=done]  pam_ccreds.so action=store

        auth       [default=bad]   pam_ccreds.so action=update

        auth       required     pam_deny.so

pam_account=account     [user_unknown=ignore authinfo_unavail=ignore default=done] pam_unix.so

  account     [user_unknown=ignore authinfo_unavail=ignore default=done] pam_ldap.so

        account     required       pam_permit.so

pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok

        password   sufficient   pam_ldap.so use_first_pass

        password   required     pam_deny.so

pam_session=session    required     pam_limits.so

        session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0077

        session    required     pam_unix.so

        session    optional     pam_ldap.so

 

Save the file.

 

Step 3: Create a script for configuration

#vi script.sh

echo '#!/bin/sh'               | sudo tee    /etc/cron.daily/upd-local-nss-db

echo `which nss_updatedb` ldap | sudo tee -a /etc/cron.daily/upd-local-nss-db

sudo chmod +x /etc/cron.daily/upd-local-nss-db

cp open_ldap /etc/auth-client-config/profile.d/

auth-client-config -a -p open_ldap

 

Save the file and make it executable.

#chmod +x script.sh

#./script.sh

 

Step  4:   Configure /etc/ldap.conf file.

Check the parameter

host example.com

base dc=example,dc=com

uri ldap://example.com/

rootbinddn cn=admin,dc=example,dc=com

bind_policy soft

 

Save file and exit.

# cp /etc/ldap.conf /etc/ldap/ldap.conf

# nss_updatedb ldap

(it will create a passwd.db and group.db )

 

Step 5 : Test the LDAP client.

#reboot

To cache a user on the client machine, the user must log in to the local machine once so that the data is stored in the databases. Next time, even if the LDAP server is not available, the user is able to log in to the local machine.

#ssh sanjay@ldapclientip

Now shut down the LDAP service on the server to test the caching

# /etc/init.d/slapd stop

Now try to log in to the client machine again

#ssh sanjay@ldapclientip

 

It will permit you to log in to the local machine; authentication is based on the data stored in the nss database on the local machine.
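The jump comments in the pam_auth stack of the open_ldap profile can be checked by walking the stack for each case. The following is an added example, not part of the original post: it applies a simplified model of Linux-PAM's control values (ignore, ok, done, bad, die, N) to the auth lines of that profile, and the function name walk_auth_stack and its scenario syntax are made up for it. It shows that when pam_ldap.so reports authinfo_unavail, the verdict rests on pam_ccreds.so action=validate alone.

```shell
#!/bin/sh
# Added example: which modules of the pam_auth stack run, and what the verdict
# is, for a given set of module results. Simplified model of Linux-PAM.

# Auth lines copied from the open_ldap profile, embedded so this runs offline.
AUTH_STACK='auth optional pam_group.so
auth required pam_env.so
auth [success=done default=ignore] pam_unix.so nullok_secure try_first_pass
auth [authinfo_unavail=ignore success=1 default=2] pam_ldap.so use_first_pass
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store
auth [default=bad] pam_ccreds.so action=update
auth required pam_deny.so'

# walk_auth_stack "module=result ..."
#   module is pam_ldap.so, or pam_ccreds.so:validate for a line with action=.
#   Modules not listed return "success" (assumption of this model).
# Prints "granted: <modules run>" or "denied: <modules run>".
walk_auth_stack() {
    printf '%s\n' "$AUTH_STACK" | awk -v scenario="$1" '
    BEGIN {
        n = split(scenario, pairs, " ")
        for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); result[kv[1]] = kv[2] }
        # Keyword controls written in their bracket form, as in pam.conf(5).
        kw["required"]   = "success=ok new_authtok_reqd=ok ignore=ignore default=bad"
        kw["requisite"]  = "success=ok new_authtok_reqd=ok ignore=ignore default=die"
        kw["sufficient"] = "success=done new_authtok_reqd=done default=ignore"
        kw["optional"]   = "success=ok new_authtok_reqd=ok default=ignore"
        impression = "undef"; status = "success"; skip = 0; stopped = 0
    }
    stopped  { next }                  # a done or die action ended the walk
    skip > 0 { skip--; next }          # jumped over by a numeric action
    {
        # Split the line into control, module name and arguments.
        f = 2; control = $f
        if (control ~ /^\[/) {
            while (control !~ /\]$/ && f < NF) control = control " " $(++f)
            gsub(/^\[|\]$/, "", control)
        } else control = kw[control]
        module = $(f + 1); key = module
        for (i = f + 2; i <= NF; i++)
            if ($i ~ /^action=/) key = module ":" substr($i, 8)
        ret = (key in result) ? result[key] : "success"

        # Pick the action for this return value, falling back to default=.
        action = ""; dflt = ""
        m = split(control, acts, " ")
        for (i = 1; i <= m; i++) {
            split(acts[i], av, "=")
            if (av[1] == ret) action = av[2]
            if (av[1] == "default") dflt = av[2]
        }
        if (action == "") action = dflt
        path = path (path == "" ? "" : " > ") key

        if (action ~ /^[0-9]+$/) {
            skip = action + 0
        } else if (action == "ok" || action == "done") {
            if (impression == "undef" || (impression == "positive" && status == "success")) {
                impression = "positive"; status = ret
            }
            if (impression == "positive" && action == "done") stopped = 1
        } else if (action == "bad" || action == "die") {
            if (impression != "negative") { impression = "negative"; status = ret }
            if (action == "die") stopped = 1
        }
        # "ignore": the result of this module does not affect the verdict.
    }
    END {
        granted = (impression == "positive" && status == "success")
        print (granted ? "granted" : "denied") ": " path
    }'
}

# Constructed scenarios for a user that exists only in LDAP.
walk_auth_stack 'pam_unix.so=user_unknown pam_ldap.so=success'
walk_auth_stack 'pam_unix.so=user_unknown pam_ldap.so=authinfo_unavail pam_ccreds.so:validate=success'
walk_auth_stack 'pam_unix.so=user_unknown pam_ldap.so=authinfo_unavail pam_ccreds.so:validate=auth_err'
walk_auth_stack 'pam_unix.so=user_unknown pam_ldap.so=auth_err pam_deny.so=auth_err'
```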

Enable Caching Server for LDAP client









Configure OpenLDAP Server & LDAP Client in Ubuntu


  • Configure Server


 

Step 1 : Install Packages

 #apt-get install slapd ldap-utils migrationtools

 During the installation you will be prompted to supply an Admin password and then to confirm it.

 Admin password: secret

Confirm password: secret

 

Step 2 : Reconfigure OpenLDAP Server

      #dpkg-reconfigure slapd

 This will also prompt you for some information

 No

DNS domain name: example.com

Name of your organization: example.com

Admin password: secret

Confirm password: secret

OK

BDB

No

Yes

No

 

Step 3 : Generate a hashed password using slappasswd

       #slappasswd

        New password : password

        Conf password : password

        {SSHA}iJE9RpyiswdfdE10MQGof6lNycmGjG0edXd

 

Step 4 : Check the /etc/ldap/slapd.conf file parameters

       # vi /etc/ldap/slapd.conf

 database        bdb

suffix          "dc=example,dc=com"

rootdn          "cn=admin,dc=example,dc=com"

rootpw          {SSHA}iJE9RpyiswdfdE10MQGof6lNycmGjG0edXd

    #paste the password we have generated using slappasswd

 

Step 5 :  Reboot the server and start slapd service

# reboot          

# /etc/init.d/slapd start

 

Step 6 : Generate ldif files for user group & organization data

Sample file :  # vi init.ldif

dn: dc=example,dc=com

objectClass: dcObject

objectClass: organizationalUnit

dc: example

ou: Example Dot Com

 

dn: cn=admin,dc=example,dc=com

objectClass: simpleSecurityObject

objectClass: organizationalRole

cn: admin

description: LDAP administrator

userPassword: <password>

 

dn: ou=people,dc=example,dc=com

objectClass: organizationalUnit

ou: people

 

dn: ou=groups,dc=example,dc=com

objectClass: organizationalUnit

ou: groups

 

dn: uid=lionel,ou=people,dc=example,dc=com

objectClass: inetOrgPerson

objectClass: posixAccount

objectClass: shadowAccount

uid: lionel

sn: Porcheron

givenName: Lionel

cn: Lionel Porcheron

displayName: Lionel Porcheron

uidNumber: 1000

gidNumber: 10000

userPassword: <password>

gecos: Lionel Porcheron

loginShell: /bin/bash

homeDirectory: /home/lionel

shadowExpire: -1

shadowFlag: 0

shadowWarning: 7

shadowMin: 8

shadowMax: 999999

shadowLastChange: 10877

mail: lionel.porcheron@example.com

postalCode: 31000

l: Toulouse

o: Example

mobile: +33 (0)6 xx xx xx xx

homePhone: +33 (0)5 xx xx xx xx

title: System Administrator

postalAddress:

initials: LP

 

dn: cn=example,ou=groups,dc=example,dc=com

objectClass: posixGroup

cn: example

gidNumber: 10000

 

dn: cn=example2,ou=groups,dc=example,dc=com

objectClass: posixGroup

cn: example2

memberUid: lionel

gidNumber: 10001

 

save the file

 

Step 7: Finalize process

 #/etc/init.d/slapd stop

# rm -rf /var/lib/ldap/*

# slapadd -l init.ldif 

# chown -R openldap:openldap /var/lib/ldap

# /etc/init.d/slapd start

 

Step 8 : Test Server

 #ldapsearch -x -b "cn=admin,dc=example,dc=com"

 

If it shows the result then the server is working fine.

  

  • Configure Client


  

Step 1 : Install required packages

 #apt-get install auth-client-config libpam-ldap libnss-ldap

 

Answer the questions with the following (customize if you need to):

 Should debconf manage LDAP configuration?: Yes

LDAP server Uniform Resource Identifier: ldap://example.com

Distinguished name of the search base: dc=example,dc=com

LDAP version to use: 3

Make local root Database admin: Yes

Does the LDAP database require login? No

LDAP account for root: cn=admin,dc=example,dc=com

LDAP root account password: secret

 

Step 2: Configure /etc/ldap.conf file

Backup files

#cp /etc/ldap.conf  /etc/ldap.conf.org

#cp /etc/ldap/ldap.conf /etc/ldap/ldap.conf.org

 

Modify the below content from the file /etc/ldap.conf

host example.com

base dc=example,dc=com

uri ldap://example.com/

rootbinddn cn=admin,dc=example,dc=com

bind_policy soft

#cp /etc/ldap.conf /etc/ldap/ldap.conf

 

Step 3: Configure OpenLDAP authentication profile

Create a new file open_ldap

# vim /etc/auth-client-config/profile.d/open_ldap

 

Put below content

[open_ldap]

nss_passwd=passwd: compat ldap

nss_group=group: compat ldap

nss_shadow=shadow: compat ldap

pam_auth=auth       required     pam_env.so

auth       sufficient   pam_unix.so likeauth nullok

auth       sufficient   pam_ldap.so use_first_pass

auth       required     pam_deny.so

pam_account=account    sufficient   pam_unix.so

account    sufficient   pam_ldap.so

account    required     pam_deny.so

pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok

password   sufficient   pam_ldap.so use_first_pass

password   required     pam_deny.so

pam_session=session    required     pam_limits.so

session    required     pam_mkhomedir.so skel=/etc/skel/ umask=0077

session    required     pam_unix.so

session    optional     pam_ldap.so

 

Step 4 : Backup files

#cp /etc/nsswitch.conf /etc/nsswitch.conf.org

#mkdir -p /tmp/backup

#cp -ra /etc/pam.d/* /tmp/backup

 

Step 5 : Enable the new OpenLDAP profile

# auth-client-config -a -p open_ldap

 

Step 6: Test ldap client

#getent passwd  (will show the ldapserver database users created in init.ldif file)

#getent group    (will show the ldapserver group created in init.ldif file)

 

If the above commands show the users, then add a new user and try to log in on the client

# vi newuser.ldif

dn: uid=sanjay,ou=People,dc=example,dc=com

uid: sanjay

cn: sanjay

objectClass: account

objectClass: posixAccount

objectClass: top

objectClass: shadowAccount

userPassword: sanjay

shadowLastChange: 14301

shadowMax: 99999

shadowWarning: 7

loginShell: /bin/bash

uidNumber: 1009

gidNumber: 1002

homeDirectory: /home/sanjay

 

save above file and exit.

 

#/etc/init.d/slapd stop

#slapadd -l newuser.ldif

#/etc/init.d/slapd start

Try to login to the client machine using

 

#ssh sanjay@ipaddress

If you are able to log in then your configuration is correct; otherwise you have missed some points. Check again… enjoy!
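The LDIF files in both LDAP posts (test_account.ldif and newuser.ldif) set userPassword to a plain-text value, while the slappasswd step shows the {SSHA} form the directory can store instead. The following added example, which is not part of the original posts, lists the entries of an LDIF file whose userPassword is not a {SCHEME} hash; the function names and the sample input are constructed for the illustration.

```shell
#!/bin/sh
# Added example: find LDIF entries whose userPassword is plain text rather
# than a {SCHEME} hash such as the {SSHA} value printed by slappasswd.

# Constructed sample input, modelled on the LDIF files shown in the posts.
sample_ldif() {
    cat <<'EOF'
dn: uid=sanjay,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: sanjay
userPassword: sanjay

dn: uid=lionel,ou=people,dc=example,dc=com
objectClass: posixAccount
uid: lionel
userPassword: {SSHA}iJE9RpyiswdfdE10MQGof6lNycmGjG0edXd

dn: uid=test,ou=people,
 dc=openldap,dc=server
objectClass: posixAccount
uid: test
userPassword:: cGFzc3dvcmQ=
EOF
}

# ldif_plaintext_passwords < file.ldif
# Prints the DN of every entry whose userPassword has no hash scheme prefix.
# Folded lines (continuations start with one space) are joined first, and
# base64 values ("userPassword:: ...") are decoded before the check.
ldif_plaintext_passwords() {
    tab=$(printf '\t')
    awk '
        function handle(line,    low, v) {
            low = tolower(line)
            if (low ~ /^dn:/) {
                dn = substr(line, 4); sub(/^ */, "", dn)
            } else if (low ~ /^userpassword::/) {
                v = substr(line, 15); sub(/^ */, "", v)
                print "b64\t" dn "\t" v
            } else if (low ~ /^userpassword:/) {
                v = substr(line, 14); sub(/^ */, "", v)
                print "txt\t" dn "\t" v
            }
        }
        /^ / { buf = buf substr($0, 2); next }        # continuation line
        { if (have) handle(buf); buf = $0; have = 1 }
        END { if (have) handle(buf) }
    ' |
    while IFS=$tab read -r kind dn value; do
        if [ "$kind" = b64 ]; then
            value=$(printf '%s' "$value" | base64 -d 2>/dev/null) || value=
        fi
        case $value in
            '{CLEARTEXT}'*|'{cleartext}'*) printf '%s\n' "$dn" ;;
            '{'[A-Za-z0-9]*'}'?*) ;;                   # hashed, e.g. {SSHA}
            *) printf '%s\n' "$dn" ;;
        esac
    done
}

# Demo on the constructed sample: prints the DNs of sanjay and test.
sample_ldif | ldif_plaintext_passwords
```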

Tuesday, May 12, 2009

Installing Gnome Desktop on CentOs/RHEL/Fedora/Ubuntu Server installation

# yum groupinstall "X Window System" "GNOME Desktop Environment"

This should install GNOME Desktop on your System…

For Ubuntu server

#aptitude install ubuntu-desktop or

#apt-get install ubuntu-desktop




Enjoy.......

Friday, May 8, 2009

Import data to mysql database from .txt files using "Sed"

Review the post: http://sanjaybdalal.wordpress.com/2009/05/08/export-mysql-tables-in-txt-files/ . In that post we exported the MySQL database data into .txt files.

Now we import the data from the .txt files into the MySQL database. For that we have to reformat the data in the .txt files into SQL statements.

#cat example.txt


1,SANJAY,AHMEDABAD,SYSTEM ADMIN


1,PRIYA,PUNE,PERL DEVELOPER


1,AKSHAY,GONDAL,PERL DEVELOPER


1,MIHIR,MUMBAI,PERL DEVELOPER


Now we use the "sed" command to convert this file into SQL statements.


 



sed -e 's/,/","/g' -e 's/^/insert into example values("/g' -e 's/$/");/g' example.txt

#sed -e 's/,/","/g' -e 's/^/insert into example values("/g' -e 's/$/");/g' example.txt > example.txt.new



where ^ represents the start of the line and $ represents the end of the line.


Output :


#cat example.txt.new


 insert into example values("1","SANJAY","AHMEDABAD","SYSTEM ADMIN");


insert into example values("1","PRIYA","PUNE","PERL DEVELOPER");


insert into example values("1","AKSHAY","GONDAL","PERL DEVELOPER");


insert into example values("1","MIHIR","MUMBAI","PERL DEVELOPER");
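The sed expression above copies every field into the statement as it is, so a field that contains a quote character ends the SQL string early. The following added example, which is not part of the original post, puts that expression next to a variant that escapes quotes and backslashes first and uses single-quoted literals. The function names and sample rows are constructed, and it assumes plain comma-separated fields with no embedded commas and no escape sequences already present.

```shell
#!/bin/sh
# Added example: the sed one-liner from the post next to a variant that
# escapes quote characters before building the INSERT statement.

# Constructed sample rows; rows 2 and 3 contain characters that end or alter
# a quoted SQL string. The last line is blank on purpose.
sample_rows() {
    cat <<'EOF'
1,SANJAY,AHMEDABAD,SYSTEM ADMIN
2,O'BRIEN,PUNE,5" DISK ADMIN
3,PRIYA,C:\DATA,PERL DEVELOPER

EOF
}

# The expression from the post, unchanged: fields are wrapped in double quotes
# without any escaping.
csv_to_inserts_naive() {
    sed -e 's/,/","/g' -e 's/^/insert into example values("/g' -e 's/$/");/g'
}

# csv_to_inserts TABLE < file.txt
# Order of the steps matters: escape first, then add the delimiters.
#   1. drop blank lines
#   2. double every backslash (MySQL treats it as an escape character)
#   3. double every single quote (standard SQL escaping inside '...')
#   4. turn the commas into ',' and wrap the line in the INSERT statement
csv_to_inserts() {
    table=$1
    # The table name is pasted into the sed script, so accept identifiers only.
    case $table in
        ''|*[!A-Za-z0-9_]*)
            echo "csv_to_inserts: invalid table name" >&2
            return 1 ;;
    esac
    sed -e '/^[[:space:]]*$/d' \
        -e 's/\\/\\\\/g' \
        -e "s/'/''/g" \
        -e "s/,/','/g" \
        -e "s/^/insert into $table values('/" \
        -e "s/\$/');/"
}

# Demo on the constructed rows.
sample_rows | csv_to_inserts_naive
sample_rows | csv_to_inserts example
```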






Thursday, May 7, 2009

Export mysql tables in .txt files

mysql> use test;

mysql> SELECT *FROM example;

+------+--------+-----------+----------------+

| ID   | NAME   | ADDRESS   | REMARKS        |

+------+--------+-----------+----------------+

|    1 | SANJAY | AHMEDABAD | SYSTEM ADMIN   |

|    1 | PRIYA  | PUNE      | PERL DEVELOPER |

|    1 | AKSHAY | GONDAL    | PERL DEVELOPER |

|    1 | MIHIR  | MUMBAI    | PERL DEVELOPER |

+------+--------+-----------+----------------+

4 rows in set (0.00 sec)

#mysqldump -u root -p --fields-terminated-by=, --tab=/location --table test example 

The above command creates the file example.txt, which contains the exported data, in the /location directory

Output: example.txt

#cat /location/example.txt

1,SANJAY,AHMEDABAD,SYSTEM ADMIN

1,PRIYA,PUNE,PERL DEVELOPER

1,AKSHAY,GONDAL,PERL DEVELOPER

1,MIHIR,MUMBAI,PERL DEVELOPER

Wednesday, May 6, 2009

Read File using Shell Script

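#!/bin/bash

FILENAME="filename.txt"

#redirect standard input to the file

exec 0< "$FILENAME"

#read the file line by line, keeping leading spaces and backslashes

while IFS= read -r LINE

do

     echo "$LINE"

done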

 





Remove Blank lines from file



Tech 1 :   sed '/./!d' filename.txt > temp1.txt


Tech 2 :  sed '/^$/d' filename.txt > temp1.txt


Tech 3 :  grep -v '^$' filename.txt > temp1.txt


Shell Script to take Backup Files & Directory

Step 1 : create a file /path/to/backupfilelist.txt which lists the files & directories which you want to back up



Step 2 : Write a script backup_files_and_directory.sh

#!/bin/sh

#Script to take a backup of a list of files and directories in one compressed file

 

#Name of the archive which will contain the backed up files & directories

FILENAME="`date +%d-%m-%Y`.tar.gz"

#This file lists the files & directories which we are going to back up

BACKUPFILELIST="/path/to/backupfilelist.txt"

#Directory where the backup is kept

BACKUPDIRECTORY="/root/filebackup"

TAR=`which tar`

 

#create the backup directory if it does not exist

if [ ! -d "$BACKUPDIRECTORY" ]; then

        mkdir -p "$BACKUPDIRECTORY"

fi

#check whether backupfilelist.txt is available or not

if [ -f "$BACKUPFILELIST" ]; then

        #skip comment lines and blank lines

        BACKUPFILE=`grep -E -v "^(#|$)" "$BACKUPFILELIST"`

else

        echo "File does not exist...Please create the backup file list first"

        exit 1

fi

#check whether the list read from backupfilelist.txt is empty

if [ -z "$BACKUPFILE" ]; then

        echo "Backup file list is empty..Please add some files or directories to back up"

        exit 2

fi

#take a backup ($BACKUPFILE is left unquoted so that each listed path becomes one argument)

$TAR -zcvf "$BACKUPDIRECTORY/$FILENAME" $BACKUPFILE > /dev/null



Step 3 : make script executable 

#chmod +x backup_files_and_directory.sh

Step 4 : execute file

#./backup_files_and_directory.sh





Mysql database Backup Script



#!/bin/bash

MYSQL=`which mysql`             #path to the mysql client

MYSQLDUMP=`which mysqldump`     #path to mysqldump

HOSTNAME=`hostname`             #hostname of backup server

USERNAME="username"                 #mysql server user

PASSWORD="password"            #mysql user password

LOCALSERVER="localhost"         #mysql local server name

BACKUPDIRECTORY=/root/mysqldbbackup     #backup directory where backup is stored

NOW="$(date +"%d-%m-%Y")"               #Date used in the backup file name

DATABASELIST=""                         #Mysql database list

IGNOREDATABASE="exampledb"                  #Databases not to be included in the backup

GZIP=`which gzip`                       #Gzip to compress the backup file

FILE=""                                 #Database backup file name

#create the backup directory if it does not exist

mkdir -p "$BACKUPDIRECTORY"

#store the database list in DATABASELIST

DATABASELIST=`$MYSQL -u $USERNAME -h $LOCALSERVER -p$PASSWORD -Bse 'show databases'`

#Fetch databases one by one and take a backup

for db in $DATABASELIST

do

        skipdatabase=-1

        if [ "$IGNOREDATABASE" != "" ]; then

                for i in $IGNOREDATABASE        #check the ignore database list

                do

                        if [ "$db" = "$i" ]; then

                                skipdatabase=1        #it will skip this database and move to the next database in the list

                        fi

                done

        fi

        if [ "$skipdatabase" = "-1" ]; then

                FILE="$BACKUPDIRECTORY/$db.$HOSTNAME.$NOW.gz" #Backup file format & Backup directory

                #All in one command to take the backup & compress the backup file

                $MYSQLDUMP -u $USERNAME -h $LOCALSERVER -p$PASSWORD $db | $GZIP -9 > "$FILE"

        fi

done
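The backup script passes the password as -p$PASSWORD, which puts it on the command line of every mysql and mysqldump process, where other local users can read it from the process list. The following added example, which is not part of the original script, hands the credentials over in a private option file through --defaults-extra-file instead; the function names are made up for it, and MYSQLDUMP is used the way the script above defines it.

```shell
#!/bin/sh
# Added example: give mysqldump its credentials through a private option file
# instead of -pPASSWORD on the command line.

# write_mysql_defaults USER PASSWORD HOST
# Creates an option file readable only by its owner and prints its path.
# Limitation of this example: passwords containing a double quote or a
# backslash are rejected instead of being escaped.
write_mysql_defaults() {
    case $2 in
        *'"'*|*'\'*)
            echo "write_mysql_defaults: unsupported character in password" >&2
            return 2 ;;
    esac
    defaults=$(mktemp "${TMPDIR:-/tmp}/mysql-defaults.XXXXXX") || return 1
    chmod 600 "$defaults"
    {
        printf '[client]\n'
        printf 'user=%s\n' "$1"
        printf 'password="%s"\n' "$2"     # quoted so that a # is not a comment
        printf 'host=%s\n' "$3"
    } > "$defaults"
    printf '%s\n' "$defaults"
}

# dump_database DEFAULTS_FILE DATABASE OUTFILE
# --defaults-extra-file has to be the first option on the command line.
# The dump goes to a temporary file first so that a failed mysqldump is
# reported instead of leaving a truncated .gz behind.
dump_database() {
    "${MYSQLDUMP:-mysqldump}" --defaults-extra-file="$1" "$2" > "$3.tmp" || {
        rm -f "$3.tmp"
        return 1
    }
    gzip -9 -c "$3.tmp" > "$3" && rm -f "$3.tmp"
}

# Usage inside the backup loop (constructed values):
#   CRED=$(write_mysql_defaults username password localhost) || exit 1
#   trap 'rm -f "$CRED"' EXIT
#   dump_database "$CRED" "$db" "$FILE"
```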

 



Install Joomla how to

It seems that a lot of new Joomla users want to know how to install Joomla. It’s obviously very easy and when I started writing tutorials for Joomla I skipped that step. Of course, that must be the first tutorial but…


You must decide where to install Joomla on your domain. The following paths can be used: http://www.yourdomain.com or http://www.yourdomain.com/Joomla . If you don’t have anything on your domain I suggest installing on http://www.yourdomain.com. You can also change http://www.yourdomain.com/joomla to http://www.yourdomain.com/site or anything you want.


After you have downloaded the package you must decompress it to your hard drive before uploading. Decompress it and open your FTP client. Log in to your site with your FTP client and upload all your files to the desired directory.


While the files upload, let’s prepare our database. Log in to your cPanel and go to “MySQL databases”. Look for the “add db” button and type the name of the new database in the form (ex: joomladatabase). Press the “add db” button. The new database is created. Now, let’s add a user to that database. Look for the “Add User” button. Type your username and a password and press “add User” (don’t forget the password). The next step is to add the user to our database. Below the databases are 2 dropdowns where you see a user and a database. Select your new user and database. Below, select the desired privileges and press “Add user to DB”.


Wow, finished with our database! You can close cPanel now because we don’t need it at this point.


Or you can create the database with phpMyAdmin or from the command line:


mysql -u root -p


password: (your password)


create database joomla;   (use your database name)


quit;


When the upload is over we can start installing Joomla. Open your browser and type http://www.yourdomain.com or http://www.yourdomain.com/joomla in the address bar. The browser will load the first page of our installation process. It should look like the image below.


Image


If something goes wrong and you don’t see the images above, type http://www.yourdomain.com/installation/index.php in your browser. If the page is still strange you must verify if:




  • you uploaded all your files

  • you uploaded your files on another directory of your site

  • you have Apache / SQL / PHP server


Our screen has 3 sections: the first checks that your system is able to run Joomla, the second part covers some PHP settings and the third part checks several file and directory permissions. All parts must be exactly like our image. If the first 2 are not the same, ask your web hosting provider about them and maybe they will make corrections. The 3rd part must be modified by you. This can be done with your FTP client. You must set the directory permissions (CHMOD) so that the files are writable.


Image


Image


Image


If everything is ok click “Next” button.


The next screen is the Joomla License and “Terms and Conditions”. Read it and if you agree click the checkbox “I Accept the GPL License” and click the “next” button on the top-right.


The next page is “STEP 1” of our configuration. We have to fill in our database configuration. Your hostname is usually “localhost”. We created the database, username and password before. Now, all you have to do is fill in the fields with the name of the database, username and password. The MySQL table prefix can be left as “jos_”. If this is your first installation click the checkbox “Install Sample data”. Click “Next”. A pop-up window will appear to ask you if all the information is correct. Verify again and click “Ok”.


The next page is very simple. Type your Site Name and click “Next”. You can modify your Site Name later in the administration area if you want.


In “STEP 3” you will confirm your URL, path, e-mail and password. The URL and path are usually right and you don’t need to make modifications. The e-mail and password are your “Super Administrator” e-mail and password. Type your e-mail and a password. Remember the password because you won’t be able to log in to the Administrator Section if you forget it. Your username is “admin” by default. You can change your username, password and e-mail later in the “Administration Section”. When all is done press “Next”.


Last Step! In this screen you see your username and password. Joomla also reminds you to delete the “Installation” directory (use your FTP client for that). Also, the configuration file is displayed. Select all and copy. With your FTP client edit “configuration.php” and type (better, paste) what is written in this last step.


That’s all! You can press “View Site” to view your new Joomla Site, or “Administration” to enter in the “Administration Area”.

Tuesday, May 5, 2009

Find Command Tips

Find multiple files by extension

#find / \( -name '*.mpg' -o -name '*.mp3' -o -name '*.mov' -o -name '*.wma' \) -exec du -sk {} \;

Find multiple files by extension, with total size

#find / \( -name '*.mpg' -o -name '*.mp3' -o -name '*.mov' -o -name '*.wma' \) -exec du -sk {} \; | awk '{c+=$1} END {printf "%s KB\n", c}'

Monday, May 4, 2009

Adjusting qmail queue time / lifetime

Set the queuelifetime:

# echo 86400 > /var/qmail/control/queuelifetime

# /etc/init.d/qmail restart

The above example is for 1 day (qmail needs the time length in seconds). Just take the number of days and multiply by 86,400 seconds to get your result.

Saturday, May 2, 2009

Mysql Replication status notification

Using this script, you can get an alert message if replication on the replication server is down or not working.

--------------------------------------------------------------------------------------------

#!/bin/bash

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Script to check whether replication is running or not.
# If replication is down, send the alert mail.

slave_server_hostname=192.168.10.1

### Check if already notified ###
cd /root || exit 1
if [ -f slave_problem.txt ]; then
    rm -f /root/slave_problem.txt
    exit 1
fi

### Check if slave is running ###
# Note: a password given with -p on the command line is visible in the process list.
echo "show slave status \G" | mysql -u username -h "$slave_server_hostname" -ppassword 2>&1 | grep "Slave_IO_Running: No"
# grep exits 1 only when the "No" line is absent; 0 (found) or 2 (error) counts as a failure.
if [ "$?" -ne "1" ]; then
    echo "Replication Failed"
    echo "Replication failed" > /root/slave_problem.txt
fi

### Send notification if replication is down ###
if [ -f slave_problem.txt ]; then
    # Uncomment the next line to send the alert by mail.
    #mail -s "Replication problem" mail_id@domainname.com < /root/slave_problem.txt
    echo "Problem in replication"
fi

----------------------------------------------------------------------------------------------

Set up this script in the crontab of the Master server

#chmod +x /path/to/Checkreplication.sh

#crontab -e

* * * * * /path/to/Checkreplication.sh
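
A stricter version of the status check, added here as an example and not part of the original script: it also tests Slave_SQL_Running, treats states such as Connecting or a failed connection as problems, and reads the credentials from an option file instead of -ppassword. The file /root/.replcheck.cnf, the function names and the sample outputs are assumptions made for this example.

```shell
#!/bin/bash
# Added example, not the original script. Classifies the text printed by
# "SHOW SLAVE STATUS\G" (read from stdin) as OK, DOWN or UNKNOWN.
replication_state() {
    awk -F': ' '
        { key = $1; sub(/^[ \t]+/, "", key) }
        key == "Slave_IO_Running"  { io  = $2 }
        key == "Slave_SQL_Running" { sql = $2 }
        END {
            if (io == "" || sql == "")            print "UNKNOWN"  # no status: error or not a slave
            else if (io == "Yes" && sql == "Yes") print "OK"
            else                                  print "DOWN"     # No, Connecting, ...
        }'
}

# Assumption: /root/.replcheck.cnf is a hypothetical option file (chmod 600) with a
# [client] section holding user= and password=, so neither appears in "ps" output.
query_slave() {
    mysql --defaults-extra-file=/root/.replcheck.cnf -h "$1" -e 'SHOW SLAVE STATUS\G' 2>&1
}

# Constructed sample outputs, trimmed to the relevant fields.
SAMPLE_OK='*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes'
SAMPLE_SQL_STOPPED='             Slave_IO_Running: Yes
            Slave_SQL_Running: No'
SAMPLE_CONNECTING='             Slave_IO_Running: Connecting
            Slave_SQL_Running: Yes'
SAMPLE_CONN_ERROR="ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.10.1' (111)"

# Demo on the constructed samples; prints OK, DOWN, DOWN, UNKNOWN.
for sample in "$SAMPLE_OK" "$SAMPLE_SQL_STOPPED" "$SAMPLE_CONNECTING" "$SAMPLE_CONN_ERROR"; do
    printf '%s\n' "$sample" | replication_state
done
# In the cron job: state=$(query_slave 192.168.10.1 | replication_state)
# and send the alert whenever "$state" is not OK.
```
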

Thursday, April 30, 2009

Disable Users to login into the server

Suppose we want to take a backup of users' accounts. For that, we first have to block the users from logging in to their accounts, to maintain the data integrity of the users' backup files. Using the technique below we can do that very easily. Enjoy!!!


Edit the PAM file located in the /etc/pam.d/ directory for the service you want to control.


Example: Suppose you want to control the ssh service


Step 1: Add the line below to the /etc/pam.d/sshd file if it is not already present.


account required pam_nologin.so


Step 2: Create the /etc/nologin file,


# touch /etc/nologin


This should disable login over ssh for every user except the administrator user (root).


Step 3: To re-enable login, just remove /etc/nologin


# rm -f /etc/nologin
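
The three steps above wrapped around a backup command, as an added example that is not part of the original post: it confirms the pam_nologin line is active, creates the flag file, and removes it again even when the backup fails, so users are not left locked out. The function names and the tar command in the usage comment are hypothetical.

```shell
#!/bin/bash
# Added example, not from the original post.

# Succeeds if PAM_FILE has an active (uncommented) account line for pam_nologin.so.
pam_nologin_enabled() {
    grep -Eq '^[[:space:]]*account[[:space:]]+[^#]*pam_nologin\.so' "$1"
}

# Usage: with_logins_blocked PAM_FILE FLAG_FILE COMMAND [ARGS...]
# Creates FLAG_FILE, runs COMMAND, then removes FLAG_FILE whether COMMAND
# succeeded or failed, and returns COMMAND's exit status.
with_logins_blocked() {
    local pam_file=$1 flag=$2 status
    shift 2
    pam_nologin_enabled "$pam_file" || { echo "pam_nologin not enabled in $pam_file" >&2; return 3; }
    # Do not take over (and later delete) a flag that another admin created.
    [ ! -e "$flag" ] || { echo "$flag already exists" >&2; return 2; }
    # pam_nologin shows the file contents to users it turns away.
    echo "Backup in progress, logins are disabled." > "$flag" || return 2
    "$@"
    status=$?
    rm -f "$flag"
    return "$status"
}

# Real use (as root), with a hypothetical backup command:
#   with_logins_blocked /etc/pam.d/sshd /etc/nologin tar -czf /backup/home.tgz /home
```
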

Split the Large files

Split a 300MB example.zip file:


#split -b 100M example.zip


It will generate 3 files with the following file sizes:



100MB xaa
100MB xab
100MB xac

After the split, use cat to combine the pieces into one file again:


#cat xa* > example-new.zip


 
